Re: PHP/MySQL image gallery penetration testing

[Cory Swanson <cory () spydertechsolutions com>]

Simon,

May I ask why one would be concerned with being able to download all 4
images from the site at once? You said that they rotate every day so
couldn't they just wait a day at a time and Right-Click / Save-As ? Do
these images contain important information which someone would want to
have right away?

I'm sorry but I just can't see why this would be a vulnerability unless
you were running an image hosting site like imagevenue.com or something
and didn't want people leeching entire galleries at once and eating
bandwidth.

Perhaps you can provide more information.

Cory

On Thu, 2007-10-25 at 18:34 +0200, Simon Jolle "sjolle" wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi security list
>
> At our site we have 4 images on the website (rotating every day). The
> webdev department doesn't allow me access to the source (additionally I
> am a non-programmer)
>
> The URL looks http://www.example.com/image.php?src=imagename.png, where
> imagename.png is random generated.
>
> What techniques can be used by a attacker to download every image? What
> tools can be used to test potential vulnerabilities?
>
> cheers
> Simon
>
> - --
> actually, I think Windows Vista has done more than virtually any OS
> release to promote the use of Linux (Slashdot comment, 4. Oct 07)
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iD8DBQFHIMWEEMN/lNE/wrwRAubcAJ0UXU34ca1ijp4J5fNrgsCsDZwg7QCgh9dd
> WSbDPq6dZpCGCDKZTsj8tiY=
> =2mrF
> -----END PGP SIGNATURE-----

Cory Swanson
Director - Spyder Technology
http://www.spydertechsolutions.com
Office   (208) 947-4693
Mobile  (208) 695-5110